Hack Cave : Hacking Gmail with Fridge
Image courtesy: slate.com

Security researchers have discovered an exploit that could potentially steal Gmail credentials of a user whose information is available in a Samsung smart fridge. The smart fridge is among a number of Samsung’s ‘Smart Home’ appliances that can be controlled using the Smart Home application. This vulnerability was discovered during an IoT hacking challenge at the recently concluded DEF CON hacking conference.

Man in the middle attack

According to the researchers, a man-in-the-middle (MiTM) vulnerability was found that leaves Samsung smart refrigerators open to an exploit that allows an attacker to steal the owner’s Gmail credentials. Though the fridge implements SSL, it FAILS to validate SSL certificates. This leaves the fridge vulnerable to man-in-the-middle attacks against most connections.
"The internet-connected fridge is designed to display Gmail Calendar information on its display," explained Ken Munro, a security researcher at Pen Test Partners. "It appears to work the same way that any device running a Gmail calendar does. A logged-in user/owner of the calendar makes updates and those changes are then seen on any device that a user can view the calendar on."

Synced Gmail logins are Vulnerable

The Smart Fridge makes connections to Google's servers to download Gmail calendar information for the on-screen display. By intercepting the connection and performing MiTM attack, an attacker in the same network can potentially steal Google login credentials. It is possible because the fridge fails to validate the SSL certificates.  Hence, hackers who manage to access the network that the fridge is on, can Man-In-The-Middle the fridge calendar client and steal Google login credentials.

Other ways to exploit Smart fridge.

The researchers also tried to hack smart fridge through a Firmware update and but was unsuccessful.They also made attempts through TCP services and certificate challenges and found the possibility of a certificate that might be present in the mobile app code. This can be a potential breakthrough but it's yet to be confirmed. 

According to them "We pulled apart the mobile app and found what we believe is the certificate inside a keystore. We “believe” we did because it is has a name that suggests this. However, it is correctly passworded and we are yet to extract the password that opens the key store. We think we’ve found the password to the certificate in the client side code, but it’s obfuscated and we haven’t got round to reversing it, yet."
Source : http://www.pentestpartners.com/blog/hacking-defcon-23s-iot-village-samsung-fridge/

Also Read: 

Post a Comment

  1. Interesting article. Even a fridge can be used to hack gmail ! It shows how unsafe we are becoming as the technology advances. Thanks for sharing.

  2. When you think to protect the Google account, third party service provider make sure that you also protect the account as soon as you change the password. They will also make a simple query whether to change your password or not and if yes, they get working like those normal days.can i get in touch with gmail support